This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/gxtTMluPb7DYJgy3wd0DpvfzwWM.roa File: gxtTMluPb7DYJgy3wd0DpvfzwWM.roa (raw, json) Hash identifier: fBS9RrpCcxHbEWQUD3mBXd03agLj4TXtQErbhFsWylM= Subject key identifier: 83:1B:53:32:5B:8F:6F:B0:D8:26:0C:B7:C1:DD:03:A6:F7:F3:C1:63 Certificate issuer: /CN=60fcd55b9130858d8ea583c0987dad00f614db39 Certificate serial: 019B7B367DE40CFEE290B361D0BAAA9B6E3E Authority key identifier: 60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/gxtTMluPb7DYJgy3wd0DpvfzwWM.roa Signing time: Thu 01 Jan 2026 20:18:47 +0000 ROA not before: Thu 01 Jan 2026 20:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 399989 IP address blocks: 195.64.120.0/24 maxlen: 24 195.64.121.0/24 maxlen: 24 195.64.122.0/24 maxlen: 24 195.64.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.mft rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:7d:e4:0c:fe:e2:90:b3:61:d0:ba:aa:9b:6e:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60fcd55b9130858d8ea583c0987dad00f614db39 Validity Not Before: Jan 1 20:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=831b53325b8f6fb0d8260cb7c1dd03a6f7f3c163 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:d0:92:aa:c1:66:aa:4b:94:36:35:b8:fd:7f: 01:66:54:5d:54:c6:8c:2f:d5:7d:fe:2b:52:76:c3: 7e:40:75:4b:9f:64:1b:d2:68:58:1b:bc:56:74:4f: 16:d0:61:60:34:e9:fc:a1:22:6d:be:e6:15:bf:83: 1c:c4:67:26:62:54:b4:33:de:cb:3c:db:c1:17:70: 57:3a:2f:10:45:89:82:36:4e:94:c7:3d:3d:5a:2d: 30:72:b2:9f:fd:3f:82:34:22:5a:5d:6c:ec:5e:35: cc:5b:04:ae:4a:36:3e:68:c3:aa:83:6d:89:26:17: 12:b9:e1:97:27:b9:f8:ca:8c:f1:27:89:e4:63:da: f9:d0:cb:ed:5d:81:2f:60:ec:a2:52:a2:d4:d7:ce: da:2c:e6:a0:78:be:c3:ac:8a:83:fc:1c:a9:99:3f: 89:ba:29:e9:86:8f:2d:74:4f:b0:a7:44:6b:5f:40: af:71:7d:54:20:6e:4d:f7:1b:29:df:7f:2d:40:74: cb:5a:3b:73:bc:cf:61:24:d2:ce:e4:87:4c:85:d4: b2:3b:91:43:5b:5d:a6:20:c8:3e:7b:bc:8a:1a:98: a3:d7:9c:06:21:7e:93:00:f5:48:32:7b:ca:ce:a0: e3:96:12:6c:1f:63:f8:fa:37:36:e1:35:1f:7f:57: 6c:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:1B:53:32:5B:8F:6F:B0:D8:26:0C:B7:C1:DD:03:A6:F7:F3:C1:63 X509v3 Authority Key Identifier: keyid:60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/gxtTMluPb7DYJgy3wd0DpvfzwWM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.64.120.0/22 Signature Algorithm: sha256WithRSAEncryption bd:0b:2d:07:68:b4:f8:ab:30:8b:27:c4:88:49:92:d4:51:0d: 81:bd:0f:c1:66:65:09:3b:a1:f7:47:2c:cd:ba:39:bb:b7:6e: d6:39:b5:ee:02:13:36:d6:93:5f:d3:c8:d7:61:36:d1:ff:b2: 3c:7d:ac:70:4d:0d:e4:26:25:06:1d:db:6f:e4:1f:69:df:27: 28:a7:cf:17:00:2f:36:c9:55:fa:55:0c:08:fe:46:50:e2:36: d4:d8:81:1c:b1:84:8a:d2:45:1b:2d:47:83:9b:00:86:20:7d: ce:57:4a:ec:7f:c3:77:33:ad:8e:d1:38:3e:6a:dc:82:d1:c1: 9e:08:13:ab:4b:44:3b:d5:ef:05:82:c5:97:7c:43:a7:8f:58: ea:41:57:5f:18:e0:e7:2a:5f:e2:9e:6b:19:43:e2:45:16:07: 4c:24:0b:76:14:da:81:df:df:a2:1b:4b:d7:54:2e:cc:ac:c8: 46:83:bc:f3:fc:6c:f8:ba:62:a6:bb:af:ff:60:96:5f:37:96: 80:9d:98:27:5f:b8:7d:9e:a3:c9:60:6c:14:34:41:f6:07:1b: 70:71:c8:58:d7:05:0a:59:72:61:05:cd:3e:b5:0c:d1:4b:d7: 28:45:92:6b:3d:21:d8:75:8b:cc:d9:44:4b:40:08:b9:58:8b: f9:af:36:52 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7Nn3kDP7ikLNh0Lqqm24+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwZmNkNTViOTEzMDg1OGQ4ZWE1ODNjMDk4N2RhZDAwZjYx NGRiMzkwHhcNMjYwMTAxMjAxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MzFiNTMzMjViOGY2ZmIwZDgyNjBjYjdjMWRkMDNhNmY3ZjNjMTYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptCSqsFmqkuUNjW4/X8BZlRdVMaM L9V9/itSdsN+QHVLn2Qb0mhYG7xWdE8W0GFgNOn8oSJtvuYVv4McxGcmYlS0M97L PNvBF3BXOi8QRYmCNk6Uxz09Wi0wcrKf/T+CNCJaXWzsXjXMWwSuSjY+aMOqg22J JhcSueGXJ7n4yozxJ4nkY9r50MvtXYEvYOyiUqLU187aLOageL7DrIqD/BypmT+J uinpho8tdE+wp0RrX0CvcX1UIG5N9xsp338tQHTLWjtzvM9hJNLO5IdMhdSyO5FD W12mIMg+e7yKGpij15wGIX6TAPVIMnvKzqDjlhJsH2P4+jc24TUff1dsWwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIMbUzJbj2+w2CYMt8HdA6b388FjMB8GA1UdIwQY MBaAFGD81VuRMIWNjqWDwJh9rQD2FNs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTkt ZWQzMGI5YmIxMmQ1LzEvZ3h0VE1sdVBiN0RZSmd5M3dkMERwdmZ6d1dNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTktZWQzMGI5YmIxMmQ1 LzEvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw0B4MA0G CSqGSIb3DQEBCwUAA4IBAQC9Cy0HaLT4qzCLJ8SISZLUUQ2BvQ/BZmUJO6H3RyzN ujm7t27WObXuAhM21pNf08jXYTbR/7I8faxwTQ3kJiUGHdtv5B9p3ycop88XAC82 yVX6VQwI/kZQ4jbU2IEcsYSK0kUbLUeDmwCGIH3OV0rsf8N3M62O0Tg+atyC0cGe CBOrS0Q71e8FgsWXfEOnj1jqQVdfGODnKl/inmsZQ+JFFgdMJAt2FNqB39+iG0vX VC7MrMhGg7zz/Gz4umKmu6//YJZfN5aAnZgnX7h9nqPJYGwUNEH2BxtwcchY1wUK WXJhBc0+tQzRS9coRZJrPSHYdYvM2URLQAi5WIv5rzZS -----END CERTIFICATE-----Generated at Tue Jan 20 02:46:51 2026 by rpki-client